Cybercrime, SnakeKeylogger hidden in a fake purchase order
The email cab attachment contains an exe file: the malware. The stolen data is then exfiltrated via Telegram API.
Cybercrime, 1.000 ships impacted by a ransomware attack on DNV
The company explains that all vessels can still use the onboard, offline functionalities of the ShipManager software; other systems are not impacted. Eyes on pro-Russia hackers.
Cyber Espionage, here it comes Dark Pink
Group-IB cybersecurity experts: The APT is targeting mostly the APAC region. It exploits new TTPs, custom toolkit-malware and two core techniques.
Cybercrime, double failed malware campaign via PO
The emails contain an xls which, using the Equation Editor, contacts a url and downloads the final payload. However, the exe is unreachable.
Cybercrime, RFQ from Turkey carries AgentTesla and zgRAT
The zip attachment contains an exe file: the first malware, which downloads the second. The stolen data is exfiltrated via SMTP.
Cybercrime, StrRAT e Ratty distributed as polyglots or JAR files
Deep Instinct cybersecurity experts: Victims receive a file, the malware, that is both a valid MSI and a valid JAR.
Cybercrime, Remcos campaign via DBatLoader
The rar attachment contains an exe: the loader, which contacts a url and downloads the final malware.
Cybercrime, the Bangladesh-themed AgentTesla campaign changes template
The .z attachment of an email that simulates a legitimate sender contains an exe: the malware. The stolen data is exfiltrated via STMP to the same server as the RFQ campaign.
Cybercrime, false order from Bangladesh carries AgentTesla
The zip attachment of the email contains an exe file: the malware. The stolen data is then exfiltrated via SMTP.
Cybercrime, fake HSBC Bank email carries SnakeKeylogger
The zip attachment contains an exe file: the malware. The stolen data is exfiltrated via SMTP to a mail address.